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Abstract 


Intrusion Detection Systems (IDS) are pivotal in safeguarding computer net- 
works from malicious activities. This study presents a novel approach by 
proposing a Hybrid Dense Neural Network-Radial Basis Function Neural 
Network (DNN-RBENN) architecture to enhance the accuracy and efficiency 
of IDS. The hybrid model synergizes the strengths of both dense learning and 
radial basis function networks, aiming to address the limitations of traditional 
IDS techniques in classifying packets that could result in Remote-to-local 
(R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions. 


Keywords 


Dense Neural Network (DNN), Radial Basis Function Neural Network 
(RBFNN), Intrusion Detection System (IDS), Denial of Service (DoS), 
Remote to Local (R2L), User-to-Root (U2R) 


1. Introduction 


In recent years, computer networks have increasingly become relied upon for 
communication and data exchange. This reliance has resulted in a rise in cy- 
ber-attacks and malicious activities. The effectiveness of traditional security 
measures, such as firewalls and intrusion detection systems, is diminishing when 
faced with current security threats. The continuously evolving nature of mali- 
cious network activity requires organizations to adopt advanced security meas- 
ures to ensure adequate protection. Therefore, developing effective and efficient 
methods for real-time detection and mitigation of these malicious activities is 
crucial. To classify these malicious network activities, we can utilize a hybrid of a 
Dense Radial Basis Function Neural Network (DRBFNN). In this approach, we 
input data into a Dense Neural Network (DNN). Subsequently, the output feeds 
into a Radial Basis Function Neural Network (RBFNN). The DNN functions as 
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the initial stage of the network architecture, taking responsibility for processing 
and extracting features from the input data. It consists of multiple layers of in- 
terconnected nodes, known as neurons, which use nonlinear activation functions 
to transform the input data and learn complex representations. We then pass the 
output from the DNN as input to the RBFNN. The RBFNN is a type of neural 
network that employs radial basis functions as its activation functions [1]. These 
functions assess the distance between the input data and a set of predefined cen- 
ter points, and they combine their outputs to generate the final predictions or 
outputs of the network. By merging the capabilities of both the DNN and 
RBENN, we aim to utilize the feature extraction and representation learning ca- 
pabilities of the DNN, along with the RBFNN’s ability to model complex pat- 
terns using radial basis functions. This hybrid approach can potentially improve 
the network’s performance across a range of tasks, including classification, re- 
gression, and pattern recognition. It achieves this by effectively capturing and 
processing the input data. 


2. Background 
2.1. Intrusion Detection Systems 


In the early stages of computer network development, experts manually analyzed 
system logs and access records as the initial methods for intrusion detection. 
However, as cyber-attack techniques grew more intricate, the need for automated 
and advanced solutions became apparent. From 1984 to 1986, Dorothy Denning 
and Peter Neumann pioneered a prototype model for an Intrusion Detection Sys- 
tem (IDS) known as the Intrusion Detection Expert System (IDES). Figure 1 vi- 
sually represents the implementation of IDS within systems. 


Intrusion Detection System 
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Figure 1. Intrusion detection system (source: comodo.com). 


Over the subsequent decades, signature-based detection gained prominence 
due to the recognition of established attack patterns and the creation of rule-based 
detection engines. Notable contributions in this area include a comprehensive 
survey on secure networks conducted by [2] and the subsequent launch of Snort, 
an open source Network-based Intrusion Detection System (NIDS) that em- 
ployed signature matching for real-time identification of attacks, as presented in 
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the paper [3]. While this method proved effective against known threats, it faced 
challenges in dealing with zero-day attacks and maintaining an up-to-date sig- 


nature database. 


2.2. IDS in DNN and RBFNN 


Studies on the detection of malicious network activities have been plentiful, but 
there has been limited research on the use of a hybrid models classification ap- 
proach for this purpose. Parul and Gurjwar employed a layered approach using 
the Decision Tree classifier to train their IDS [4]. The approach provided good 
results for each layer. In addition, the Random Forest algorithm was utilized and 
showed generally good performance, but had limited ability to detect U2R (us- 
er-to-root) attacks with a low rate of classification. The authors recommended 
modifications to the Random Forest algorithm to improve the U2R layer results. 
The IDS was evaluated using the KDDcup99 dataset and demonstrated im- 
provement compared to the newer NSL KDD dataset. 

A Hybrid DNN-RBFNN Model for the classification of malicious network ac- 
tivity can build upon the existing research by incorporating additional algo- 
rithms and techniques, such as Dense Neural Network (DNN) [5] along with 
Radial Basis Function Neural Network (RBFNN), to enhance the accuracy and ef- 
ficiency of malicious network activity classification. One significant advantage of 
dense neural networks in IDS is their ability to learn complex patterns and rela- 
tionships from large-scale network data. Zarai, R. et al. [6] conducted an experi- 
mental study and reported that a dense neural network architecture achieved an 
accuracy of 94% in detecting various types of network intrusions, outperforming 
traditional rule—based IDS approaches. Furthermore, the application of deep 
learning techniques, including the combination of convolutional neural networks 
(CNN) and dense neural networks, has demonstrated encouraging outcomes in 
Intrusion Detection Systems (IDS). 

In a study conducted by [7], various deep learning architectures were com- 
pared, and it was discovered that a model that employed CNN for feature ex- 
traction and a dense neural network for classification exhibited superior perfor- 
mance in detecting advanced persistent threats (APTs). Just like any other neural 
network model, the vulnerability of DNNs to adversarial attacks poses a signifi- 
cant concern, prompting researchers to propose various techniques and strate- 
gies for mitigating these attacks. Promising approaches include adversarial 
training, the utilization of defense mechanisms, and input transformations. Ad- 
versarial training, as outlined in the paper [8], involves augmenting the training 
dataset with adversarial examples, compelling the DNN to develop increased re- 
silience against attacks. 

Radial Basis Function (RBF) networks have been utilized in the field of intru- 
sion detection systems (IDSs) for tasks such as determining the normality or 
anomaly of network packets [9]. These artificial neural networks typically com- 
prise three layers: an input layer, a hidden layer, and an output layer. The hidden 


layer consists of radial basis functions (RBFs), mathematical functions that as- 
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sign a value to an input based on its radial distance from a central point. The 
RBFs in the hidden layer are trained using unsupervised learning methods to es- 
tablish a mapping from the input space to the output space. Figure 2 illustrates 
the fundamental structure of a Radial Basis Function Neural Network. 


Inputs Hidden units (RBF) 


Ef Output 


w(x) 


Figure 2. Radial basis function neural network © [Gildardo San- 
chez-Ante]. 


2.3. Hybrid DNN-RBFNN in Intrusion Detection 


Research by [10] emphasizes that signature-based detection remains effective in 
identifying well-known attacks with established patterns. This approach has 
proven successful in countering attacks that have recognizable footprints, en- 
suring rapid response to known threats. Furthermore, anomaly-based detection, 
as highlighted by [11], is adept at detecting novel or zero-day attacks that lack 
predefined signatures. By establishing a baseline of normal network behavior, 
any deviations from this baseline can be flagged as potential intrusions. 

Despite their strengths, current IDS face notable limitations. Signal-based de- 
tection is ineffective against zero-day attacks, as they do not have previously 
identified patterns. Similarly, anomaly-based detection often struggles with false 
positives and negatives due to its reliance on defining “normal” behavior, which 
can vary widely in complex networks. Signature-based detection can be enhanced 
by leveraging the DNN component of the hybrid model. DNNs are well-suited 
for learning complex patterns and features from raw data. They can be trained 
on a vast amount of historical network traffic to identify subtle variations in at- 
tack patterns, even when attackers slightly modify them to evade traditional sig- 
nature-based detection. Anomaly-based detection can benefit from the RBFNN 
component. RBFNNs are proficient in capturing deviations from established 
norms, effectively detecting novel or zero-day attacks. By using the RBFNN’s 
ability to identify anomalies, the hybrid model can better identify new and un- 
known attack patterns that lack predefined signatures. 


3. Methodology 
3.1. Data Preprocessing 


Data preprocessing plays a pivotal role in achieving high predictive performance 
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with machine learning models. Hybrid models, which combine different types of 
neural networks, have shown promise in tackling complex tasks by leveraging 
the strengths of each component. The combination of Dense Neural Networks 
(DNNs) and Radial Basis Function Neural Networks (RBFNNs) offers a powerful 
approach to capture both global and local patterns in data. However, the effec- 
tiveness of these hybrid models heavily relies on the quality of the input data. 


3.2. Data Normalization 


Data normalization ensures uniform scaling of input features, a critical step to 
facilitate the learning process. For hybrid IDS models, data normalization en- 
hances convergence speed and minimizes the dominance of certain features. 
Common techniques such as Z-score normalization and Min-Max scaling are 


applied to bring the features to a common scale [12]. 


3.3. Feature Selection 


Feature selection is instrumental in eliminating irrelevant or redundant attributes 
that could lead to overfitting or increased computational complexity. Hybrid IDS 
models benefit from a subset of features that collectively capture both global and 
local patterns. Methods like mutual information, Recursive Feature Elimination 
(RFE), and tree-based techniques are employed to ensure effective feature selec- 
tion [13]. 


3.4. Developed Hybrid Model 


The developed hybrid DNN-RBFNN model uses both DNN and RBFNN for the 
classification of intrusion detection. The DNN was designed with several hidden 
layers to learn the complex feature representation of the input data, on the other 
hand, RBFNN, was used to perform the final classification. Mathematically the 
hybrid Dense Radial Basis Function Neural Network can be represented as: 


1 


N 
h h h 
net; = 2 WjiXpi + 9; (1) 
i= 


where wi, is the weight on the connection from the /th input unit, and 6; is 
the bias term. The “A” superscript refers to quantities on the hidden layer. if the 


activation of this node is equal to the net input; then, the output of this node is 
> _oeh( th 
iy =f; (net, ) (2) 


The equations for the output nodes are 


L 

neti, = 2 wily + Op (3) 
iz 

Onn = fe (net’, ) (4) 


«> 


where the “o” superscript refers to quantities on the output layer. The obtained 
outputs, O,, , of the Dense Neural Network layers are passed to the Radial Basis 


Function Neural Network layer which is responsible for producing the final 
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output of the hybrid model. 


Bibs 
(Oy) =exp (On =A) (On.- 4) | i=1,2.--,K (5) 


L 


The ultimate output of the neural network is determined through a process of 
linear weighted summation involving the outputs derived from the hidden layer. 


F(x, )=w 4 (Ox) (6) 


3.4.1. Parameter Estimates of the Developed Model 

Once we've obtained the final output function we then calculate the cost function 
to determine the error between the predicted value and the original values. To 
achieve this, we provide an input x for which we know the corresponding output 
f (x) to the network and observe the computed result. In a broader context, 

we can assess the network’s performance on a testing set 

(xo F) (x F(x )) hX £(%,)) > where each (x, f (x;)) represents an 
input-output pair. By comparing the computed outputs of the network with the 
true values from the testing set, we can evaluate how well the network performs. 


1 N 
Greg RE) 


2 


> (7) 


2 
, we can observe that this function be- 


bo 1 
By defining C, := Ta f(x)- F(x) 


comes large when our network poorly approximates £ and small when the ap- 
proximation is accurate. 


C=} C, (8) 


After weve obtained the cost function we then back propagate the hybrid 
network model updating the weights, 


vc=v[ $c, j-žve, (9) 


i=1 


which implies that we can perform this process for each data point individually 
and then accumulate the gradients by adding their values together. 

In Equation (8), we introduced the notation i to represent the vector that 
captures the activations of the nodes in the /” layer of the network. However, for 
the context, it will be advantageous to examine the values propagated from the 


preceding layer prior to the application of the activation function. 
D aa l l-1 u bo l Aoa l 
Zj = Wi +b; so that a; =0(2,) and iy =0(Z ) (10) 
In the preceding equation, we denote Z, as Z| = i zie, e, where each 


entry corresponds to the values z! (e; are the standard basis vectors). Moreo- 


ver, examining the quantity. 


ô =— and A'=)> óe, (11) 
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These values hold significance in the backward propagation of the algorithm 


through the network and have a direct relationship with — and ae 
Ow, j ob; 
through the chain rule, as 
az! az! 
a = ae ¿=a and ae, (12) 
ôw, Oz; Ow,, =’ eb, ôz, ôb, ” 


If we can compute the values of ô; , we will have successfully obtained our 
gradient, given that a is readily available for any node in the network. Our 
initial step is to calculate this value for the last layer of the network, denoted as 
ô for a network with Z layers. By observing that a; = alzi) , we can apply 
the chain rule once again to deduce that 


1_ ôC Ga; AC (2!) re 


aora aL? 
Oa; Oz, Oa; 

ô =(a;-y,)o"'(z;) (14) 

To obtain 6 A ~ , we can further use chain rule to propagate this value back- 
ward in the network. 

ôC eZ” OC On” 385 307? 
az ia ze 2 azt oT 2, J a 
i j 


Í j i 


LA 
ô; 


L 


: OZ; ; 
Once more, focusing on the term i» we can determine that 
z 


j 


aot (okan) (Zholi) e) 


eat et eae i 
ov oe Dot) 
Therefore, 
aH = Sotto! (2!) a7) 


The weights are adjusted until a stopping criterion is met. 


3.4.2. Adversarial Test on the Developed Model 

The developed hybrid DNN-RBFNN model classifier with a softmax output ac- 
tivation, denoted as y= f (9,x), where @ represents the model parameters 
and (x, y) represents an instance-label pair from the dataset. We generate an 
adversarial instance x’ using the Fast Gradient Sign Method (FGSM), which 
aims to maximize the loss L(x’, y) while adhering to the |, perturbation 
constraint, 
dataset. 


|x’—x|| <£, where € represents the attack strength specific to the 


Utilizing a first-order approximation, we can approximate the loss function as 


L(x, y)= L(x, y)+V,L(x, yý -(x'— x). With this approximation, we can express 
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the computation of the adversarial instance x’ as follows: 
xX =x+E- sign(V,L(x,y)), 
where sign(V,L(x, y)) represents the element-wise sign function applied to 
the gradient of the loss function with respect to x. 
3.5. Evaluation Metrics 


To assess the performance of the hybrid DNN-RBFNN model, appropriate eval- 
uation metrics are selected. One such metric includes a confusion matrix in Ta- 
ble 1, which is a tabular representation that provides an overview of how well a 
classification model performs in predicting class labels when evaluated against 
test data. 


Table 1. Confusion matrix. 


Actual 
Positive Negative 
Predicted Positive True Positive (TP) False Negative (FN) 
Negative False Positive (FP) True Negative (TN) 


True Positive (TP) refers to the accurate identification of positive events among 
the observed data. 

True Negative (TN) corresponds to the correct identification of negative 
events where both the actual and predicted values are negative. 

False Positive (FP) denotes the situation where the predicted value is positive, 
but the actual value is negative. 

False Negative (FN) refers to the scenario where the predicted value is nega- 
tive, but the actual value is positive. 


3.5.1. Specificity 
In multi-class classification, specificity is used to evaluate the performance of a 
model for each individual class. It measures the ability of the model to correctly 
identify instances of a specific class while considering the other classes as nega- 
tives. 

Specificity for a specific class can be defined as: 


True Negatives, 


Specificity. = - — 
True Negatives, + False Positives, 
To calculate the specificity for a particular class, we treat that class as the neg- 
ative class and compute the ratio of true negatives for that class to the sum of 
true negatives and false positives for that class. 


3.5.2. Sensitivity 
Sensitivity can be calculated for each individual class to evaluate the model’s 
performance in correctly identifying instances of a specific class. The sensitivity 


for a specific class can be expressed as: 
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True Positives, 


Sensitivity, = (18) 


True Positives, + False Negatives, 


3.5.3. Accuracy 

Mathematically, overall accuracy is defined as the ratio of the total number of 
correctly classified instances (both true positives and true negatives) to the total 
number of instances in the dataset: 


Number of Correctly Classified Instances 


Overall Accuracy = (19) 


Total Number of Instances 


It provides a general assessment of how well the model performs across all 


classes. 


4. Results and Discussions 


The NSL KDD dataset is a widely recognized and valuable resource for studying 
intrusion detection in network security. It has become a standard benchmark 
dataset, building upon the original KDD Cup 1999 dataset and incorporating 
improvements. In this dataset, the target class represents different types of at- 
tacks that can occur in network security. These attacks can be categorized into 
either binary or multi-classification problems. The dataset consisted of 148,517 
in-stances, which were classified into different types of intrusions: DoS (Denial 
of Service), Probe, U2R (User to Root), R2L (Remote to Local), and normal in- 
trusions. Figure 3 shows the multi-class distribution of the target variables in the 


dependent variable class. 
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Figure 3. Count plot of target class distribution. 


Among the 148,517 packets, the largest portion, encompassing 77,054 instances, 
represented normal intrusions. Denial of Service (DoS) at-tacks account for 


53,385 instances, while Probe incidents were recorded at 14,077. User-to-root 
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(U2R) intrusions were relatively fewer, comprising 3749 instances, and Remote 


to Local (R2L) intrusions were the least common with only 252 instances. 


4.1. Feature Selection 


Feature selection is a crucial step in building robust and efficient machine- 
learning models. One popular algorithm for feature selection is the SelectKBest 
algorithm, which yielded the best results in terms of accuracy and computational 
time when used on various cybersecurity datasets [14]. SelectKBest algorithm 
assigns a scoring function that quantifies the relevance of each feature. Figure 4 


represents the top 15 selected features using mutual information score statistics. 


Selectrd features 


Mutual Information Score 
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Figure 4. Top 15 selected features with the highest mutual info scores. 


Where count: provides an indication of the connection rate, difficulty: meas- 
ures the difficulty level of the network connection, dst_host_count:provides in- 
formation about the connection rate to a specific destination, dst_host_diff_srv_ 
rate: represents the rate of different services accessed on the destination host 
compared to the total number of connections made to that host, dst_host_same_ 
src_port_rate: indicates the rate of connections originating from the same source 
port to a specific destination host, dst_host_same_srv_rate: represents the rate of 
connections to the same service on the destination host compared to the total 
number of connections made to that host, dst_host_srv_count: provides infor- 


mation about the service connection rate, dst_host_srv_diff_host_rate: measures 
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the rate of connections to different hosts using the same service compared to the 
total number of connections to that service, flag_S0: if the connection’s TCP flag 
is set to SO, it represents a connection attempt without synchronization, flag_SF: 
if the connection’s TCP flag is set to SF, it represents a normal established con- 
nection, logged_in: It signifies whether the user is logged in or not, based on the 
connection, same_srv_rate: represents the rate of connections to the same ser- 
vice as the current connection, serror_rate: denotes the rate of connections that 
resulted in a TCP “SYN” error, service_eco_i: represents a specific network ser- 
vice or protocol, such as “eco_i” in this case and finally service_http: represents 
the HTTP network service, indicating connections related to web browsing and 


communication. 


4.2. Developed Hybrid DNN-RBFNN Model 


To create the hybrid model, we employed a two-step approach. First, we trained 
the Dense Radial Basis Function Neural Network (RBFNN) using the training 
dataset. The DNN portion of the model processed the input data and generated 
intermediate outputs. These outputs were then fed into the Radial Basis Function 
Neural Network, which further refined the representations and produced the fi- 
nal predictions. Figure 5 provides a visual representation of the developed mod- 
el. It illustrates the interconnected layers and nodes of both the DNN and 
RBFNN components. 


model: sequential 


Layer (type) Output Shape Param # 
“dense (Dense) =~ Ne; 64) 1024 
dropout (Dropout) (None, 64) ® 
dense_1 (Dense) (None, 64) 4160 
dropout_1 (Dropout) (None, 64) ® 
dense_2 (Dense) (None, 64) 4160 
dropout_2 (Dropout) (None, 64) ® 
dense_3 (Dense) (None, 64) 4160 
dropout_3 (Dropout) (None, 64) ® 
dense_4 (Dense) (None, 64) 4160 
rbf_layer (RBFLayer) (None, 64) 4162 
dense_5 (Dense) (None, 5) 325 


Total params: 22,149 
Trainable params: 22,149 
Non-trainable params: ® 


Figure 5. Developed hybrid model summary architecture. 


4.3. Performance of the Developed Hybrid Model 


Evaluating the performance of our developed hybrid model is crucial. In Figure 
6, we can see the confusion matrix, which provides valuable insights into key 


metrics such as specificity, sensitivity, and accuracy specifically calculated for 
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our hybrid model. These metrics help us understand how well our model is per- 


forming and make informed decisions based on the results. 


Hybrid DNN-RBFNN Confusion Matrix 
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Figure 6. Adversarial model confusion matrix. 


4.4, Adversarial Examples Test on the Developed Model 


To thoroughly evaluate the resilience of the developed model against adversarial 
examples, we conducted a rigorous assessment using the FGSM attack. The 
FGSM technique, introduced by [15], is notorious for its malicious nature. It 
involves perturbing the input data by utilizing the gradient of the loss function 
for the input. By carefully modifying the data in the direction of the gradient, the 
FGSM attack aims to deceive the model. 

This evaluation served as a comprehensive test to determine the model’s abil- 
ity to withstand adversarial attacks. Based on the findings presented in Figure 7, 
we observed that the developed model exhibited susceptibility to adversarial 
examples. It could be tricked into failing to detect certain packets that could po- 
tentially lead to User-to-Root (U2R) and Remote-to-Local (R2L) attacks. 
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Figure 7. Adversarial examples confusion matrix. 
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4.5. Model Optimization 


One challenge we face when training neural networks is deciding on the right 
number of training epochs to use. If we use too many epochs, the network can 
become too specialized and only perform well on the specific training data, 
which is called overfitting [16]. On the other hand, if we use too few epochs, the 
network may not fully grasp the patterns in the data and perform poorly, which 
is known as underfitting. So, finding the balance and determining the sweet spot 
for the number of training epochs is crucial for training a successful neural net- 
work. Figure 8 displays plots for the relationship between the number of epochs 
and the corresponding accuracy, providing valuable insights into the number of 
epochs each model takes to converge. 


Hybrid DNN-RBFNN model accuracy Hybrid DNN-RBFNN model loss 
0.99 4 —— train = train 
val val 
0.98 4 0.20 
0.97 4 
0.15 
5 N 
3 0.96 4 38 
< 
0.95 4 0.10 
0.94 4 
0.05 


Figure 8. Accuracy and loss graphs. 


4.6. Performance Metrics 


Our developed model achieved highly favorable outcomes, demonstrating an 
impressive overall detection accuracy of 98.80%, surpassing the accuracy of 
97.70% for DNN and 97.81% for RBFNN. Table 2 provides a concise overview 
of the sensitivity, specificity, and accuracy of our developed model compared to 
the Dense Neural Network (DNN) and Radial Basis Function Neural Network 
(RBFNN) as discussed in the literature. It is worth noting that the DNN and 
RBENN exhibited inadequate performance in identifying R2L. In contrast, our 
developed model not only achieved better overall accuracy but also effectively ad- 
dressed this limitation, providing a solution that outperformed the other models. 


Table 2. Evaluation Metrics for DNN, RBFNN, and DNN-RBENN. 


Evaluation Metrics 


Overall 
Model Class Specificity Sensitivity hone 


DNN Dos 0.994 0.982 0.977 
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Continued 
Probe 0.993 0.965 
U2R 0.989 0.942 
DNN 0.977 
R2L 1.0 0.0 
Normal 0.993 0.980 
Dos 0.993 0.982 
Probe 0.994 0.953 
RBFNN U2R 0.993 0.899 0.978 
R2L 1.0 0.133 
Normal 0.989 0.986 
Dos 0.997 0.993 
Probe 0.995 0.990 
DNN-RBFNN U2R 0.995 0.937 0.988 
R2L 0.998 0.307 
Normal 0.997 0.989 


4.7. Adversarial Examples Comparison 


Like any other neural network model, our developed model was also susceptible 
to adversarial examples. Figure 9 illustrates the comparison between the devel- 
oped model and the standalone models of DNN and RBENN. 


Comparison of Original and Adversarial Accuracies 
100 97-84% 94-105 


EE Original Accuracy 
Mm Adversarial Accuracy 


80 


60 


Accuracy (%) 


40 


20 


proposed model RBFNN DNN 


Figure 9. Adversarial examples bar plots. 


The RBFNN model achieved an accuracy of 97.81% on the original dataset. 
However, its adversarial accuracy dropped significantly to 73.84%, suggesting 
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vulnerability to perturbed inputs. Similarly, the DNN model achieved an accu- 
racy of 97.70% on the original dataset, but its adversarial accuracy decreased to 
82.61%, indicating susceptibility to adversarial examples. The developed model 
demonstrated the highest accuracy at 98.80% on the original dataset. However, 
like the RBFNN and DNN models, its adversarial accuracy decreased to 82.70%. 
Although still relatively high, this indicates that the developed model is also sus- 


ceptible to adversarial attacks to some extent. 


4.8. Discussion of Results 


Accuracy indicates how often the classification model accurately determines 
whether the network packets sent could result in a normal connection, probe, 
R2L (Remote to local), U2L (User to root), or DoS (Denial of Service) attack. 
Sensitivity evaluates the ability of the classifier to make accurate positive predic- 
tions across all the different classes. 

It measures how well the model can identify true positive cases, indicating its 
capability to detect intrusions correctly. On the other hand, specificity assesses 
the model’s ability to make accurate negative predictions. It measures how well 
the model can identify true negative cases, indicating its capability to correctly 
classify non-intrusive in-stances. The results obtained from the Dense Neural 
Network were consistent with those obtained by [6]. The DNN model demon- 
strates good performance in terms of specificity and sensitivity for most classes, 
except for the R2L class where the sensitivity is 0 and an overall accuracy of 
0.977. 

The RBFNN model shows comparable performance to the DNN model, with 
high specificity and sensitivity foremost classes. However, it struggles with the 
R2L class, where the sensitivity is only 0.133 and an overall accuracy of 0.978. 
Our developed model achieved the highest specificity and sensitivity values for 
most classes, including a significant improvement in the R2L class compared to 
the other models. However, the sensitivity for R2L is still relatively low at 0.307, 


and the overall accuracy is 0.988. 


5. Conclusion and Recommendations 


Through the utilization of advanced deep learning algorithms, particularly DNN 
and RBENN, the outcomes derived from comparing the performance of the hy- 
brid DNN-RBFNN model against individual DNN and RBFNN models were 
nothing short of remarkable. The results showcased the remarkable capabilities 
of the hybrid model, surpassing the individual DNN and RBFNN models across 
a range of metrics. This underscores the immense potential and efficacy of syn- 
ergizing these two powerful approaches to bolster network security and fortify 
defenses against potential threats. 

Furthermore, considering the escalating complexity and extensive nature of 
equipment safety administration, coupled with the ever-growing security needs, 


the future of network security technologies may rely on the integration of di- 
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verse deep learning tools. In this context, the efficacy of DNN and RBFNN mod- 
els has been extensively discussed in this study. The experimental results docu- 
mented the superiority of the hybrid DNN-RBFNN model over standalone DNN 
and RBFNN models. 

Looking forward, the future of network security technologies may involve the 
continued integration and advancement of various deep learning tools, includ- 
ing the incorporation of hybrid deep convolutional neural network models, to 


ensure comprehensive network security and address emerging threats. 
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